@Post("json")
public Representation authenticate(Representation input) throws Exception {
getLogger().fine("In Authenticate resource");
if (isLocalAcessOnly()) { // Check that protocol = RIAP
String scheme = getOriginalRef().getScheme();
if (!Protocol.RIAP.getSchemeName().equals(scheme)) {
throw new ResourceException(
Status.CLIENT_ERROR_BAD_REQUEST, "Auth server only allows local resource validation");
}
}
JSONObject call = new JsonRepresentation(input).getJsonObject();
if (!call.has(TOKEN_TYPE)) {
throw new OAuthException(OAuthError.invalid_request, "No token_type", null);
}
String tokenType = call.getString(TOKEN_TYPE);
final Token token;
if (tokenType.equals(OAuthServerResource.TOKEN_TYPE_BEARER)) {
token = tokens.validateToken(call.get(ACCESS_TOKEN).toString());
} /*
* else if (tokenType.equals(OAuthServerResource.TOKEN_TYPE_MAC)) { //
* TODO }
*/ else {
throw new OAuthException(OAuthError.invalid_request, "Unsupported token_type", null);
}
JSONObject resp = new JSONObject();
resp.put(USERNAME, ((ServerToken) token).getUsername());
resp.put(SCOPE, Scopes.toString(token.getScope()));
return new JsonRepresentation(resp);
}
